On 28/09/12 14:20, Gervase Markham wrote:
Is anyone interested in drafting something, perhaps taking inspiration
from comments submitted by others?
Seems no-one else is, so here is my proposal. Comments welcome,
particularly if I'm talking rubbish from a technical perspective!
<start>
Title: Mozilla Response to Dotless Domains Consultation
This submission is sent on behalf of Mozilla, a non-profit organization
whose mission is to "promote openness, innovation and opportunity on the
web". We are particularly concerned with the continued smooth
functioning of the Web in particular and the Internet in general.
Therefore, although we suspect that, for technical reasons, dotless
domains will not work very well for their owners, it is the effect on
users, even those with no relationship with any sites under the TLD in
question, which concerns us.
The DNS' enormous value to mankind is that it is a global namespace - in
other words, in most cases, every name has a single owner. This is
something users are able to understand. However, just as there are areas
of the IP address range reserved for private use (RFC 1918), there are
also areas of the DNS namespace reserved for private use - either by RFC
(RFC 2606) or convention (e.g. .local, used by Zeroconf).
It is our contention that the dotless part of the DNS namespace is /de
facto/, and should be /de jure/, reserved for private use in similar manner.
Countless companies use dotless names for their internal servers.
Dotless names already have a meaning in a local context, and no-one can
tell from the outside what names have meaning where. This is very
similar to the use of the private use IP address ranges. And, just as
creating a routable host on the Internet with IP address 192.168.0.1
would lead to all sorts of undesired effects, so would creating a host
with the global DNS name "home" or "search".
We are particularly concerned about the security implications of dotless
domains. For example, 7 companies have applied for the new TLD "mail".
There must be many thousands of companies running an internal server
called "mail". A poorly-configured DNS server could lead to the sending
of private company email to the servers of the winning applicant.
Mozilla therefore joins the SSAC in being opposed to the idea of
"dotless domains", and we strongly recommend that new gTLD operators be
contractually prohibited from attempting to create them. Mozilla does
not rule out taking steps to ignore such records if their existence is
leading to security or stability problems for users.
<end>
_______________________________________________
dev-tech-network mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-network
